| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 5 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/guid.h" | 8 #include "base/guid.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| 11 #include "chrome/browser/policy/cloud/device_management_service.h" | 11 #include "chrome/browser/policy/cloud/device_management_service.h" |
| 12 #include "google_apis/gaia/gaia_constants.h" |
| 12 | 13 |
| 13 namespace em = enterprise_management; | 14 namespace em = enterprise_management; |
| 14 | 15 |
| 15 namespace policy { | 16 namespace policy { |
| 16 | 17 |
| 17 namespace { | 18 namespace { |
| 18 | 19 |
| 19 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used | 20 // Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used |
| 20 // internally to represent different device modes. | 21 // internally to represent different device modes. |
| 21 DeviceMode TranslateProtobufDeviceMode( | 22 DeviceMode TranslateProtobufDeviceMode( |
| (...skipping 10 matching lines...) Expand all Loading... |
| 32 | 33 |
| 33 bool IsChromePolicy(const std::string& type) { | 34 bool IsChromePolicy(const std::string& type) { |
| 34 return type == dm_protocol::kChromeDevicePolicyType || | 35 return type == dm_protocol::kChromeDevicePolicyType || |
| 35 type == dm_protocol::kChromeUserPolicyType; | 36 type == dm_protocol::kChromeUserPolicyType; |
| 36 } | 37 } |
| 37 | 38 |
| 38 } // namespace | 39 } // namespace |
| 39 | 40 |
| 40 CloudPolicyClient::Observer::~Observer() {} | 41 CloudPolicyClient::Observer::~Observer() {} |
| 41 | 42 |
| 43 void CloudPolicyClient::Observer::OnRobotAuthCodesFetched( |
| 44 CloudPolicyClient* client) {} |
| 45 |
| 42 CloudPolicyClient::StatusProvider::~StatusProvider() {} | 46 CloudPolicyClient::StatusProvider::~StatusProvider() {} |
| 43 | 47 |
| 44 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, | 48 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, |
| 45 const std::string& machine_model, | 49 const std::string& machine_model, |
| 46 UserAffiliation user_affiliation, | 50 UserAffiliation user_affiliation, |
| 47 StatusProvider* status_provider, | 51 StatusProvider* status_provider, |
| 48 DeviceManagementService* service) | 52 DeviceManagementService* service) |
| 49 : machine_id_(machine_id), | 53 : machine_id_(machine_id), |
| 50 machine_model_(machine_model), | 54 machine_model_(machine_model), |
| 51 user_affiliation_(user_affiliation), | 55 user_affiliation_(user_affiliation), |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 170 request->mutable_session_status_report_request())) { | 174 request->mutable_session_status_report_request())) { |
| 171 request->clear_session_status_report_request(); | 175 request->clear_session_status_report_request(); |
| 172 } | 176 } |
| 173 } | 177 } |
| 174 | 178 |
| 175 // Fire the job. | 179 // Fire the job. |
| 176 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, | 180 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, |
| 177 base::Unretained(this))); | 181 base::Unretained(this))); |
| 178 } | 182 } |
| 179 | 183 |
| 184 void CloudPolicyClient::FetchRobotAuthTokens(const std::string& auth_token) { |
| 185 CHECK(is_registered()); |
| 186 DCHECK(!auth_token.empty()); |
| 187 |
| 188 request_job_.reset(service_->CreateJob( |
| 189 DeviceManagementRequestJob::TYPE_API_AUTH_CODE_FETCH)); |
| 190 // The credentials of a domain user are needed in order to mint a new OAuth2 |
| 191 // authorization token for the robot account. |
| 192 request_job_->SetOAuthToken(auth_token); |
| 193 request_job_->SetDMToken(dm_token_); |
| 194 request_job_->SetClientID(client_id_); |
| 195 |
| 196 em::DeviceServiceApiAccessRequest* request = |
| 197 request_job_->GetRequest()->mutable_service_api_access_request(); |
| 198 request->add_auth_scope(GaiaConstants::kAnyApiOAuth2Scope); |
| 199 |
| 200 request_job_->Start( |
| 201 base::Bind(&CloudPolicyClient::OnFetchRobotAuthTokensCompleted, |
| 202 base::Unretained(this))); |
| 203 } |
| 204 |
| 180 void CloudPolicyClient::Unregister() { | 205 void CloudPolicyClient::Unregister() { |
| 181 DCHECK(service_); | 206 DCHECK(service_); |
| 182 request_job_.reset( | 207 request_job_.reset( |
| 183 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); | 208 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); |
| 184 request_job_->SetDMToken(dm_token_); | 209 request_job_->SetDMToken(dm_token_); |
| 185 request_job_->SetClientID(client_id_); | 210 request_job_->SetClientID(client_id_); |
| 186 request_job_->GetRequest()->mutable_unregister_request(); | 211 request_job_->GetRequest()->mutable_unregister_request(); |
| 187 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, | 212 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, |
| 188 base::Unretained(this))); | 213 base::Unretained(this))); |
| 189 } | 214 } |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 device_mode_ = TranslateProtobufDeviceMode( | 287 device_mode_ = TranslateProtobufDeviceMode( |
| 263 response.register_response().enrollment_type()); | 288 response.register_response().enrollment_type()); |
| 264 } | 289 } |
| 265 | 290 |
| 266 NotifyRegistrationStateChanged(); | 291 NotifyRegistrationStateChanged(); |
| 267 } else { | 292 } else { |
| 268 NotifyClientError(); | 293 NotifyClientError(); |
| 269 } | 294 } |
| 270 } | 295 } |
| 271 | 296 |
| 297 void CloudPolicyClient::OnFetchRobotAuthTokensCompleted( |
| 298 DeviceManagementStatus status, |
| 299 const em::DeviceManagementResponse& response) { |
| 300 if (status == DM_STATUS_SUCCESS && |
| 301 (!response.has_service_api_access_response() || |
| 302 response.service_api_access_response().auth_code().empty())) { |
| 303 LOG(WARNING) << "Invalid service api access response."; |
| 304 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 305 } |
| 306 |
| 307 status_ = status; |
| 308 if (status == DM_STATUS_SUCCESS) { |
| 309 robot_api_auth_code_ = response.service_api_access_response().auth_code(); |
| 310 DVLOG(1) << "Device robot account auth code fetch complete - code = " |
| 311 << robot_api_auth_code_; |
| 312 |
| 313 NotifyRobotAuthCodesFetched(); |
| 314 } else { |
| 315 NotifyClientError(); |
| 316 } |
| 317 } |
| 318 |
| 272 void CloudPolicyClient::OnPolicyFetchCompleted( | 319 void CloudPolicyClient::OnPolicyFetchCompleted( |
| 273 DeviceManagementStatus status, | 320 DeviceManagementStatus status, |
| 274 const em::DeviceManagementResponse& response) { | 321 const em::DeviceManagementResponse& response) { |
| 275 if (status == DM_STATUS_SUCCESS) { | 322 if (status == DM_STATUS_SUCCESS) { |
| 276 if (!response.has_policy_response() || | 323 if (!response.has_policy_response() || |
| 277 response.policy_response().response_size() == 0) { | 324 response.policy_response().response_size() == 0) { |
| 278 LOG(WARNING) << "Empty policy response."; | 325 LOG(WARNING) << "Empty policy response."; |
| 279 status = DM_STATUS_RESPONSE_DECODING_ERROR; | 326 status = DM_STATUS_RESPONSE_DECODING_ERROR; |
| 280 } | 327 } |
| 281 } | 328 } |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 351 } | 398 } |
| 352 | 399 |
| 353 void CloudPolicyClient::NotifyPolicyFetched() { | 400 void CloudPolicyClient::NotifyPolicyFetched() { |
| 354 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); | 401 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); |
| 355 } | 402 } |
| 356 | 403 |
| 357 void CloudPolicyClient::NotifyRegistrationStateChanged() { | 404 void CloudPolicyClient::NotifyRegistrationStateChanged() { |
| 358 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); | 405 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); |
| 359 } | 406 } |
| 360 | 407 |
| 408 void CloudPolicyClient::NotifyRobotAuthCodesFetched() { |
| 409 FOR_EACH_OBSERVER(Observer, observers_, OnRobotAuthCodesFetched(this)); |
| 410 } |
| 411 |
| 361 void CloudPolicyClient::NotifyClientError() { | 412 void CloudPolicyClient::NotifyClientError() { |
| 362 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); | 413 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); |
| 363 } | 414 } |
| 364 | 415 |
| 365 } // namespace policy | 416 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12538009:
Public Sessions: fetch device robot api token during enterprise enrollment. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master